> Have a wonderful rest of the week!
You too!
You guys are awesome and fix things wy to fast.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia
On Thu, 16 Dec 2010 02:26:57 +1100
dave b wrote:
> I hate it when some one beats me to a bug report.
> https://addons.mozilla.org/en-US/firefox/user/5578717/ (this example
> will only work against firefox).
> The xss occurs due to no filtering / escaping the display name attribute for a
> user.
On Wed, Dec 15, 2010 at 5:49 PM, Peter Besenbruch wrote:
> On Thu, 2010-12-16 at 02:26 +1100, dave b wrote:
> > I hate it when some one beats me to a bug report.
> > https://addons.mozilla.org/en-US/firefox/user/5578717/ (this example
> > will only work against firefox).
> > The xss occurs due
On Thu, 2010-12-16 at 02:26 +1100, dave b wrote:
> I hate it when some one beats me to a bug report.
> https://addons.mozilla.org/en-US/firefox/user/5578717/ (this example
> will only work against firefox).
> The xss occurs due to no filtering / escaping the display name attribute for a
> user.
C
